[lxc-devel] [lxc/master] Fix PID namespace pdeathsig handling

flx42 on Github lxc-bot at linuxcontainers.org
Tue Mar 12 00:28:42 UTC 2019 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 471 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20190311/1cc738aa/attachment.bin>
-------------- next part --------------
From 7e610509377359ca6da95cd7ca9d761c0c3489c7 Mon Sep 17 00:00:00 2001
From: Felix Abecassis <fabecassis at nvidia.com>
Date: Mon, 11 Mar 2019 17:13:48 -0700
Subject: [PATCH 1/2] utils: fix handling of PID namespaces in
 lxc_set_death_signal

Signed-off-by: Felix Abecassis <fabecassis at nvidia.com>
---
 src/lxc/utils.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index e2b2bb11e9..0262c7acd4 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -1705,9 +1705,9 @@ int lxc_set_death_signal(int signal, pid_t parent)
 	ret = prctl(PR_SET_PDEATHSIG, prctl_arg(signal), prctl_arg(0),
 		    prctl_arg(0), prctl_arg(0));
 
-	/* Check whether we have been orphaned. */
+	/* If not in a PID namespace, check whether we have been orphaned. */
 	ppid = (pid_t)syscall(SYS_getppid);
-	if (ppid != parent) {
+	if (ppid && ppid != parent) {
 		ret = raise(SIGKILL);
 		if (ret < 0)
 			return -1;

From b765aa883eddbc1461d964d042fb3239bd5fab5a Mon Sep 17 00:00:00 2001
From: Felix Abecassis <fabecassis at nvidia.com>
Date: Mon, 11 Mar 2019 17:15:45 -0700
Subject: [PATCH 2/2] start: fix parent PID passed to lxc_set_death_signal

Fixes: #2902

Signed-off-by: Felix Abecassis <fabecassis at nvidia.com>
---
 src/lxc/start.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lxc/start.c b/src/lxc/start.c
index 31fa3f8a4d..139f429635 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1112,7 +1112,7 @@ static int do_start(void *data)
 	 * exit before we set the pdeath signal leading to a unsupervized
 	 * container.
 	 */
-	ret = lxc_set_death_signal(SIGKILL, 0);
+	ret = lxc_set_death_signal(SIGKILL, handler->monitor_pid);
 	if (ret < 0) {
 		SYSERROR("Failed to set PR_SET_PDEATHSIG to SIGKILL");
 		goto out_warn_father;

More information about the lxc-devel mailing list